Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
6Blast Radius
ecosystem impact- 4 pypi packages depend on apache-airflow (2 direct, 2 indirect)
- 4 pypi packages depend on apache-airflow-core (2 direct, 2 indirect)
Ecosystem-wide dependent count for version 3.0.0 and other introduced versions.
DescriptionCVE.org
Secrets in Variables saved as JSON dictionaries were not properly redacted - in case thee variables were retrieved by the user the secrets stored as nested fields were not masked.
If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise please upgrade to Apache Airflow 3.2.0 that has the fix implemented
AnalysisAI
Apache Airflow 3.0.0 through 3.1.x fails to redact secrets stored as nested fields within JSON-formatted variables, allowing authenticated users with variable access to retrieve plaintext sensitive values. This information disclosure vulnerability affects deployments that store credentials or API keys as JSON dictionary structures in Airflow variables. The EPSS score of 0.02% and CVSS 3.7 with high attack complexity reflect limited real-world exploitation likelihood, but the vulnerability poses direct risk to organizations using JSON-structured secrets without additional access controls.
Technical ContextAI
Apache Airflow's variable masking mechanism is designed to redact sensitive values when variables are retrieved or displayed. The vulnerability stems from incomplete redaction logic (CWE-668: Exposure of Sensitive Information to an Unauthorized Actor) that fails to recursively mask secrets nested within JSON dictionary structures. When variables are serialized as JSON objects containing sensitive fields at arbitrary depth, the redaction logic only masks top-level values or applies insufficient depth traversal. This affects the Airflow UI, API responses, and programmatic variable retrieval methods. The issue is specific to JSON-formatted variables; plaintext string variables or non-JSON formats are properly masked. Affected CPE cpe:2.3:a:apache_software_foundation:apache_airflow:*:*:*:*:*:*:*:* covers all Apache Airflow versions from 3.0.0 through 3.1.x.
RemediationAI
Upgrade to Apache Airflow 3.2.0 or later, which includes the fix implemented via GitHub PR #63480 (https://github.com/apache/airflow/pull/63480). This patch ensures recursive masking of secrets within JSON-structured variables. For organizations unable to upgrade immediately, implement the following compensating controls: (1) Restrict variable access via Airflow RBAC to only users with demonstrated need to handle sensitive values, with audit logging enabled for all variable access-trade-off is reduced operational flexibility for users requiring variable inspection. (2) Avoid storing secrets directly in Airflow variables in JSON form; instead, use Airflow's Secrets Backend integration (AWS Secrets Manager, HashiCorp Vault, GCP Secret Manager) which applies consistent redaction independent of data structure-this requires refactoring variable usage and may impact deployment scripts. (3) Deploy variable access monitoring via log aggregation to alert on unusual variable retrieval patterns, flagging API or UI access to variables containing JSON-formatted credentials-this provides detection but not prevention. (4) Implement network-level access controls restricting direct API access to Airflow's variable endpoints to trusted internal IPs only. Upgrade to 3.2.0 remains the authoritative fix.
Same weakness CWE-668 – Exposure of Resource to Wrong Sphere
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23666
GHSA-w9r4-94fj-xp69